Information Security Lead

Job Description

Role Summary: The Associate/Associate Consultant/Consultant (SAM Technical) is responsible for keeping the team updated on technology changes and best practices across various solutions. Key Accountabilities / Responsibilities: Implement Configure SAM tools in customers environments. Configure tools, agent packaging, and beacon setup. Provide support and training on SAM tools to customers. Manage and support both hosted and on-premise SAM solutions. Direct interaction with customers to troubleshoot and resolve configuration issues. Document customer configurations within their environment. Create technical and functional documentation as required. Support and train the global SAM team on various SAM solutions. External technical coordination with customers and SAM tool providers. Act as a bridge between SoftwareONE and SAM solution providers. Core Capabilities: Strong presentation and communication skills. Strong analytical abilities. Quality-oriented mindset. Methodical approach to problem-solving. Functional Capabilities: Highly motivated and results-oriented. Strong organizational, multitasking, and time management skills. Solid problem-solving and consultative skills. Required Technical Skills Experience: Complete Implementation Support of AWS ELK (OpenSearch Service) / Elasticsearch. Experience and knowledge of AWS Cloud. Previous experience in Splunk to ELK migration. Familiarity with Splunk dashboards, panels, reports, alerts, and indices. Strong experience in building ETL pipelines for ELK. Experience in installing and configuring Beats, API integration (if required), and creating Kibana dashboards. Experience in writing scripts for log parsing and grokking. Expertise in implementing, configuring, and performance tuning ELK clusters and nodes. Design and implement highly scalable ELK (Elasticsearch, Logstash, and Kibana) stack solutions. Experience in configuring ELK security using PKI and LDAP. Familiarity with the Elastic Stack ecosystem for metadata services, centralized log monitoring, notifications, system metrics, application health, and performance monitors. Expertise in Elasticsearch and Logstash performance tuning and configuration. Experience in architecting data structures using Elasticsearch. Design, development, administration, and delivery of Elasticsearch / ELK-based reporting solutions. Proficiency in elastic query/KQL for data analysis. Strong problem-solving skills. AWS Cloud Architect certification is a plus. Additional Responsibilities: Collaborate and work with AIOps SMEs/Data Science teams to build ML models for observability. Hands-on experience with data visualization/business intelligence. 6-9 years of hands-on experience supporting Elasticsearch in production, particularly with medium to large clusters. Ability to assess customer architecture and provide suitable solutions. Experience in setting up the ELK stack (Elasticsearch, Logstash, Kibana) to process data from multiple sources. Implement ELK solutions in hybrid environments (cloud-based and on-premises). Expertise in Kibana visualization strategies, controls, and techniques. Knowledge of Elasticsearch index configuration options, sharding, aliases, etc. Experience with Elastic API integration. Experience with Fluentd. Proficiency in SQL and optimization of queries. Experience with CI/CD processes. Experience with buffering tools like Kafka and Redis. Exposure to Amazon Elasticsearch, Elastic Cloud, and Pivotal Cloud Foundry. Work with the engineering team to design ingestion and pipeline processes for innovative analytics platforms using best practices and open-source tools such as Elasticsearch, Kibana, Janus Graph, PostgreSQL, and Kafka. Understanding of security and access management concepts. Exposure to public cloud technology is desirable. Knowledge of enabling various types of logs is an added advantage.